Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/9ygufk5wV5SHP-4lHYRcrvRH55g.roa
File:                     9ygufk5wV5SHP-4lHYRcrvRH55g.roa (raw, json)
Hash identifier:          6XW0xAYvpuBg6SROYQr9TpMET6kQbZMxyYIk5+3BTng=
Subject key identifier:   F7:28:2E:7E:4E:70:57:94:87:3F:EE:25:1D:84:5C:AE:F4:47:E7:98
Certificate issuer:       /CN=0d1a3131fe8bea9c8258313a0f24ba2a560b58d3
Certificate serial:       01856F79938053BEBEB935C4BD578CB74C54
Authority key identifier: 0D:1A:31:31:FE:8B:EA:9C:82:58:31:3A:0F:24:BA:2A:56:0B:58:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRoxMf6L6pyCWDE6DyS6KlYLWNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/9ygufk5wV5SHP-4lHYRcrvRH55g.roa
Signing time:             Sun 01 Jan 2023 22:35:16 +0000
ROA not before:           Sun 01 Jan 2023 22:35:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207056
IP address blocks:        185.167.122.0/24 maxlen: 24
                          185.167.121.0/24 maxlen: 24
                          185.167.120.0/24 maxlen: 24
                          185.167.123.0/24 maxlen: 24
                          2a0b:6a00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:93:80:53:be:be:b9:35:c4:bd:57:8c:b7:4c:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d1a3131fe8bea9c8258313a0f24ba2a560b58d3
        Validity
            Not Before: Jan  1 22:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7282e7e4e705794873fee251d845caef447e798
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:64:b4:cd:6f:fb:5b:b6:0c:84:29:bd:ce:e1:
                    02:a0:54:e1:11:54:33:04:f7:8e:72:0a:11:85:5d:
                    1a:72:9c:98:0c:7c:a5:35:2a:ba:c0:03:4e:fc:1e:
                    e5:32:85:32:4d:ea:b9:56:9a:87:4c:73:c1:07:ba:
                    30:c3:6a:a6:5f:ce:a9:1d:8b:bc:11:d4:fe:92:f5:
                    d6:f2:de:6e:03:6e:4c:5f:7e:3c:06:4e:04:7b:09:
                    b2:30:86:0f:3d:86:22:34:82:74:51:88:23:35:f5:
                    6d:55:c8:7f:77:fe:9e:78:2d:ca:f5:c7:86:87:8a:
                    14:1d:17:a6:a8:4e:32:21:59:60:d3:4b:ca:f5:27:
                    43:83:b8:35:0a:0b:86:51:8b:e6:e8:20:6c:db:66:
                    94:24:4b:76:5e:7f:86:8a:c9:7d:f6:7e:9d:3a:40:
                    c1:00:61:d5:48:f6:7f:3d:21:5c:c0:5c:4a:4a:91:
                    7d:e4:d2:a5:aa:8e:77:35:70:52:01:53:29:01:58:
                    60:0a:c4:73:41:88:7a:9d:54:c1:c3:89:f1:a5:05:
                    d6:df:24:4b:da:e1:9e:d6:cf:32:10:c8:f1:9f:2a:
                    b8:df:4f:0c:91:3f:85:92:90:42:2e:73:b4:48:e4:
                    ad:9e:99:d6:d9:eb:db:b2:95:a3:0d:8e:c2:d4:80:
                    6f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:28:2E:7E:4E:70:57:94:87:3F:EE:25:1D:84:5C:AE:F4:47:E7:98
            X509v3 Authority Key Identifier:
                keyid:0D:1A:31:31:FE:8B:EA:9C:82:58:31:3A:0F:24:BA:2A:56:0B:58:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRoxMf6L6pyCWDE6DyS6KlYLWNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/9ygufk5wV5SHP-4lHYRcrvRH55g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/13b165-0986-4e93-b1b4-bbf7c70ef4b3/1/DRoxMf6L6pyCWDE6DyS6KlYLWNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.120.0/22
                IPv6:
                  2a0b:6a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         9a:6f:30:3e:73:a8:09:03:e8:bf:40:24:83:27:39:9b:08:1b:
         6a:a4:e8:9b:4e:c0:04:92:cc:9f:2d:2d:1f:92:f3:f9:92:9a:
         19:51:34:fb:a8:e2:95:6a:16:59:fb:66:de:4b:f8:e7:1a:32:
         94:fb:b3:5a:e0:0c:db:1a:95:01:92:2f:95:23:b2:32:9c:d3:
         fd:14:3a:79:d5:68:d8:dc:ab:38:fc:ee:48:1c:a2:e9:01:e4:
         76:0e:8a:97:95:6f:50:c6:d9:78:f5:93:45:33:8d:b3:d7:4f:
         06:a7:38:f0:98:c9:53:b7:18:e1:ae:7f:7d:36:53:fc:3d:13:
         2a:7e:43:56:09:09:53:4c:52:3e:af:ef:f6:65:45:6d:7f:84:
         51:08:27:20:b8:1f:7a:8e:1d:40:fb:59:ff:ac:f5:63:46:5c:
         ef:12:c6:21:b9:e9:3b:75:87:38:e0:5b:ea:07:e2:27:54:7f:
         39:72:9f:17:1a:66:5e:03:91:6b:73:ea:bf:41:97:5f:8c:d4:
         24:da:90:66:6c:41:c3:e9:f4:7e:d8:6c:ec:3b:fa:2e:cb:05:
         af:a2:0b:b8:55:3c:96:1c:95:b8:63:d1:85:dc:6b:10:0d:3b:
         a0:1b:73:31:58:4b:0d:02:a8:e9:ee:42:c7:0c:18:d8:5c:13:
         69:4f:23:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveZOAU76+uTXEvVeMt0xUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMWEzMTMxZmU4YmVhOWM4MjU4MzEzYTBmMjRiYTJhNTYw
YjU4ZDMwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI4MmU3ZTRlNzA1Nzk0ODczZmVlMjUxZDg0NWNhZWY0NDdlNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGS0zW/7W7YMhCm9zuECoFThEVQz
BPeOcgoRhV0acpyYDHylNSq6wANO/B7lMoUyTeq5VpqHTHPBB7oww2qmX86pHYu8
EdT+kvXW8t5uA25MX348Bk4EewmyMIYPPYYiNIJ0UYgjNfVtVch/d/6eeC3K9ceG
h4oUHRemqE4yIVlg00vK9SdDg7g1CguGUYvm6CBs22aUJEt2Xn+Gisl99n6dOkDB
AGHVSPZ/PSFcwFxKSpF95NKlqo53NXBSAVMpAVhgCsRzQYh6nVTBw4nxpQXW3yRL
2uGe1s8yEMjxnyq4308MkT+FkpBCLnO0SOStnpnW2evbspWjDY7C1IBvRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPcoLn5OcFeUhz/uJR2EXK70R+eYMB8GA1UdIwQY
MBaAFA0aMTH+i+qcglgxOg8kuipWC1jTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFJveE1mNkw2cHlDV0RFNkR5UzZLbFlMV05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xM2IxNjUtMDk4Ni00ZTkzLWIxYjQt
YmJmN2M3MGVmNGIzLzEvOXlndWZrNXdWNVNIUC00bEhZUmNydlJINTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xM2IxNjUtMDk4Ni00ZTkzLWIxYjQtYmJmN2M3MGVmNGIz
LzEvRFJveE1mNkw2cHlDV0RFNkR5UzZLbFlMV05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuad4MA0E
AgACMAcDBQMqC2oAMA0GCSqGSIb3DQEBCwUAA4IBAQCabzA+c6gJA+i/QCSDJzmb
CBtqpOibTsAEksyfLS0fkvP5kpoZUTT7qOKVahZZ+2beS/jnGjKU+7Na4AzbGpUB
ki+VI7IynNP9FDp51WjY3Ks4/O5IHKLpAeR2DoqXlW9Qxtl49ZNFM42z108Gpzjw
mMlTtxjhrn99NlP8PRMqfkNWCQlTTFI+r+/2ZUVtf4RRCCcguB96jh1A+1n/rPVj
RlzvEsYhuek7dYc44FvqB+InVH85cp8XGmZeA5Frc+q/QZdfjNQk2pBmbEHD6fR+
2GzsO/ouywWvogu4VTyWHJW4Y9GF3GsQDTugG3MxWEsNAqjp7kLHDBjYXBNpTyMz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:23 2024 by rpki-client on console-fra.rpki-client.org